Vulnerabilities > Socialcms

DATE | CVE | VULNERABILITY TITLE | RISK

2012-10-08 | CVE-2012-1416 | Cross-Site Request Forgery (CSRF) vulnerability in Socialcms 1.0.2 | network; socialcms CWE-352; 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts via a member_new action to my_admin/admin1_members.php or (2) modify the default site title via a save action to my_admin/admin1_configuration.php.

2012-04-05 | CVE-2012-1982 | Cross-Site Scripting vulnerability in Socialcms 1.0.2 | network; socialcms CWE-79; 3.5
Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the TR_title parameter in an edit action.

2012-03-19 | CVE-2012-1781 | Cross-Site Scripting vulnerability in Socialcms 1.0.5 | network; socialcms CWE-79; 4.3
Multiple cross-site scripting (XSS) vulnerabilities in ajax/commentajax.php in SocialCMS 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) TREF_email_address or (2) TR_name parameters.

2012-03-19 | CVE-2012-1780 | SQL Injection vulnerability in Socialcms 1.0.5 | network; low complexity; socialcms CWE-89; 7.5
SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbitrary SQL commands via the category parameter.